//package com.zzz.security;
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.web.authentication.AuthenticationFailureHandler;
//
///**
// * @author Chunsheng.Zhang
// * @date 2021/5/11 10:50
// * @description : TODO
// */
//@EnableWebSecurity
////@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true)
//public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
//
//    @Autowired
//    private CustomUserDetailsService customUserDetailsService;
//
//
//    @Override
//    @Bean
//    public AuthenticationManager authenticationManagerBean() throws Exception {
//        return super.authenticationManagerBean();
//    }
//
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        //配置security使用的UserDetailsService
//        auth.userDetailsService(customUserDetailsService)
//                //配置密码比对策略
//                .passwordEncoder(new BCryptPasswordEncoder());
//    }
//
//
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        //@formatter:off
//        http.authorizeRequests()
//                // all users have access to these urls
//                //.antMatchers("/rout/**").permitAll()
//                // Any URL that starts with "/admin/" will be restricted to users who have the role "ROLE_ADMIN"
//                .antMatchers("/user/**").hasAuthority("user:sel")
//                // Any URL that starts with "/db/" requires the user to have both "ROLE_ADMIN" and "ROLE_DBA"
//                .antMatchers("/menu/**").hasAnyAuthority("user:sel","menu:sel")
//                .anyRequest().authenticated()
//                .and()
//                .formLogin()
//                //指定登录页的路径
//                //.loginPage("/rout/toLogin")
//                //指定自定义form表单请求的路径
//                //.loginProcessingUrl("/authentication/form")
//                //登录失败后请求的路径
//                //.failureUrl("/rout/toError")
//                //认证失败后调用的处理器
//                .failureHandler(customAuthenticationFailureHandler())
//                //登录成功后，请求的路径
//                .defaultSuccessUrl("/user/getUser")
//                .and()
//                .logout()
//                // 设置退出登录的路径
//                .logoutUrl("/zzz/logout")
//                // 退出成功之后请求的路径
//                //.logoutSuccessUrl("/rout/toLogin")
//                // 退出登录成功后会执行的处理器
//                //.logoutSuccessHandler(logoutSuccessHandler)
//                // 退出登录时是否让session失效（默认为true）
//                //.invalidateHttpSession(true)
//                // Adds a LogoutHandler. SecurityContextLogoutHandler is added as the last LogoutHandler by default
//                //.addLogoutHandler(logoutHandler)
//                // 退出登录成功后删除对应的cookie
//                .deleteCookies()
//                .and()
//                .rememberMe()
//                // Add remember me function and valid date.
//                .key("uniqueAndSecret")
//                .tokenValiditySeconds(60 * 60 * 24 * 7)
//                .and()
//                //未登录时访问接口的处理配置
//                .exceptionHandling()
//                //权限校验失败后处理
//                .accessDeniedHandler(new JsonAccessDeniedHandler());
//        //@formatter:on
//
//        //默认都会产生一个hiden标签 里面有安全相关的验证 防止请求伪造 这边我们暂时不需要 可禁用掉
//        http .csrf().disable();
//    }
//
//    @Bean
//    public AuthenticationFailureHandler customAuthenticationFailureHandler() {
//        return new CustomAuthenticationFailureHandler();
//    }
//
//}
